I think that information is part of the payload of a ScalaSignature or ScalaLongSignature annotation, which contains all Scala specific type/symbol information in serialized form. So I think you’ll have to fake the entire contents of that annotation to make the compiler believe it’s a Scala package private class.

Package namespace in the JVM is flat, not hierarchical. Any two packages are separate and cannot access the other’s package-private members.
My guess would be that scalac generates package private members in Scala sense as public in the class files and enforces access restrictions only at the source level.